Pantek Library
Hosting Provided By
CybrHost
High Speed Hosting
Mailing Lists: securityfocus.com > incidents > 03 > 071750.html (Request Expert securityfocus.com Support)

RE: [Full-Disclosure] Re: Cisco IOS Denial of Service that affects most Cisco IOS routers- requires power cycle to recover

From: Cedric Blancher <blancher(at)cartel-securite.fr>
Date: Thu Jul 24 2003 - 02:49:32 EDT

Le mer 23/07/2003 à 19:43, lee.e.rian@census.gov a écrit :
> So... has anyone been able to verify that the problem occurs when the TTL
> expires without the packet being addressed to the router? Or is it a
> requirement that the evil packet be addressed to the router?

I checked this and it appears packets have to be addressed to target router. Transit evil packets which TTL would expire on a router won't affect it.

My tests were performed using Scapy to generate following packets : 

	IP proto set to vulnerable ones
	TTL set to expire on target router
	IP payload set to 26 "X"

-- 
http://www.netexit.com/~sid/
PGP KeyID: 157E98EE FingerPrint: FA62226DA9E72FA8AECAA240008B480E157E98EE

---------------------------------------------------------------------------
----------------------------------------------------------------------------
Received on Thu Jul 24 14:03:49 2003

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:02:12 EDT

Contact Us  Legal Notices  Order Services Online 
Pantek Home  Privacy Policy  IT news  Site Map  Pantek Library